Does a DenyAccess group work for http clients authenticated by an external (Active Directory) LDAP server? It should according to Admin help but doesn’t - what is the trick to it?
The DenyAccess group name is in the ‘Not access server’ field.
It isn’t working for Internet (non Notes ID) users in the NAB either. I haven’t tried full Notes clients yet.
An http user who has access to a db can login regardless of presence in the DenyAccess group. It wouldn’t be so bad if we could add the DenyAccess group to database ACLs but with groups the higher level of access always ‘wins’.
We’re not using group authentication in LDAP.